EAP-TLS:Error: rlm_eap: Failed to store handler
Alan DeKok
aland at deployingradius.com
Sun Sep 20 14:09:03 CEST 2009
leopold wrote:
> We are using 2.1.4 version and sometimes we see the following error
> Wed Sep 16 11:21:01 2009 : Error: rlm_eap: Failed to store handler
That error means that the "current" EAP packet is *already* in the
list of known EAP sessions. So trying to insert it twice is bad.
> This error is very difficult to reproduce, but if the server goes into this
> mode it starts randomly rejecting some users and accepting others.
> Many users get rejected with the same error message
> The only way now is to restart server and then it works fine.
That would be the recommended thing to do.
> Could there be some kind of rbtree corruption or there is a way to explain
> this when EAP session is already in the tree and client retries or for some
> reason sends message twice the server finds the session based on STATE
> variable in the tree and prints this message?
When the server receives an EAP packet, any old handler is *removed*
from the list. This is done with a mutex, so there should be no
possibility for two packets to be processed simultaneously. i.e. with a
retransmit.
I suspect that the problem is really some kind of memory corruption.
But without knowng more, it's hard to say.
> This would be okay if one client gets rejected is supplicant misbehaves and
> sends duplicate requests, but many clients get the same failure.
> Are there any code fixes from 2.1.4 and 2.1.7 that fix exact same problem?
No. I don't even know what is causing the problem.
Alan DeKok.
More information about the Freeradius-Users
mailing list